The bug of the iPhone is probably caused by the added code to appease the Chinese government

The iOS 11.4.1 update released by Apple is particularly notable for having made more difficult the access of the forces of the order. iPhones. On Tuesday, security researcher Patrick Wardle clarified another solution. He said that his fix addressed to the Apple code added likely to appease the Chinese government; this is the code that caused crashes on some iDevices when users typed the word Taiwan or received messages containing a Taiwanese emoji.

"Although its impact is limited to a denial of service (NULL-dereference pointter)," Wardle, a former hacker for the National Security Agency, wrote in a blog post. "And if Apple had not tried to appease the Chinese government in the first place, there would be no bug!"

Wardle, who is now an expert in macOS and iOS security at Digital Security, said that he was puzzled when a friend the first time she reported that her unpatched and fully patched device was crushed whenever she typed Taiwan or received a message with a Taiwanese flag. It had no trouble duplicating the remote trigger bug, which crashed any iOS application dealing with remote messages, including iMessage, Facebook Messenger and WhatsApp. However, Wardle found that only devices with certain region-specific configurations were affected.

The notorious closed nature of the iPhone made analysis difficult. He helped isolate the memory locations that stored a dereferenced null pointer and a faulty instruction that caused it. Wardle's also relied on the recovery image of the iPhone to recover some code libraries. He finally found that the crashes were caused by a code that classified the messages according to the emoji that they contained. He also noticed that the error seemed to be triggered when iOS had country codes including China or language settings including Chinese (his friend's phone specified the region as the US and the language as the language). # 39; English).

leads to a simple solution. Wardle explained:

After two + years of being unable to type "Taiwan" or being remote DOS when his phone received a Taiwanese flag emoji, repair (well done to my friend Josh S. for the # Idea!), Was simply to switch the US region to China, then back to the United States.

I'm not 100% sure why (or how it corrected), but I guess the value "Country" is "US" so the Boolean flag (at byte_1b1c9bb00) has been set to 0x1, which means that CFStringCompare () `has never been called … or calls to CFLocaleCopyCurrent () / CFLocaleGetValue () are no longer returning NULL, which means that a valid string was passed to CFStringCompare ().

Wardle traced the likely goal of the buggy code to documented iOS behavior that hides the Taiwanese flag from the emoji menu or that is displayed on the screen when the region is set to China. Apple has not responded to an email requesting a comment for this article. Wardle also reported the bug to Apple in private. The vulnerability has been indexed as CVE-2018-4290 and fixed in iOS 11.4.1.